Preparing for a Cyber Attack
This article appears in the Jan/Feb 2015 issue of Business Franchise Australia & New Zealand
Every company needs to have a plan in place to protect their website from a cyber attack, and this is extremely crucial for franchise companies because you have multiple locations and may have multiple websites.
While cyber attacks happen everyday, (which you can actually see in real-time at http://cybermap.kaspersky.com), the New Year is one of the busiest time of year for attackers. There is more financial information out there during the holidays—more shopping going on, more companies getting overwhelmed and distracted, etc.—which makes it the perfect time for an attack.
To state the obvious, a cyber attack can clear all of your data and seriously hurt your company, sending you into a legal mess and an even worse cleanup and rebuilding of your business. Fortunately, there are several ways you can make sure your website is prepared and ready to fight off any potential incidents.
Cyber Security Definition and Statistics
Before diving into how to be prepared, it’s important to understand what a cyber attack actually is. Essentially, a cyber attack is when someone/a team of people (or a computer program run by someone) break into your website and steal and delete your company information.
Below are a few statistics about cyber security from the IBM Security Services 2014 Cyber Security Intelligence Index:
• In 2013 more than 500 million records of personal information were stolen.
• There were 91 million+ security events detected in 2013 with 16,900 attacks.
• $3.5 million was the average total cost to U.S. companies for a data breach last year.
• Over 75 per cent of incidents targeted five industries: Health and social services, retail and wholesale, finance and insurance, information and communication, and manufacturing.
• Malicious code was the primary mode of attack for 38 per cent of cases.
• Outsiders instigate more than half of attacks, but there are many cases of ‘insiders’ working to aid attackers.
If you’re interested, check out the three biggest server attacks of 2014 thus far at: www.hostt.com/3-biggest-server-hacks-2014. Do note, however, that a cyber attack isn’t something to lose sleep over. Although they happen every day, the majority of companies are not affected. It’s simply important to go over your plan of action every once in a while in the unlikely event that something could happen. You can never be too safe when you own a franchise.
How to Make Sure Your Website is Prepared for an Attempted Cyber Attack
And so without further ado, below lists a few ways to keep your website protected 24/7:
1. Use software to protect your website and keep it up to date.
This is of course your first step. Using software such as Bitdefender or Kaspersky, which work well for franchise websites, will be your biggest defense against attackers. What experts continue to say and we all continue to ignore, however, is that this software needs to stay updated. It’s easy to forget about cyber attacks if you’ve never been attacked, but this software is actually updated all the time as hackers begin to figure them out or new threats are introduced. It’s up to you to take advantage of these new updates by constantly checking your software and taking the time to actually accept the changes.
2. Have a back-up system.
You should always back-up your system so that you’re prepared if something ever happens. This will help put your mind at ease and ensure that your information is stored in a separate location. There are quite a few plugins out there to help you backup your information, such as BackUpWordPress. You can also save your information onto an external harddrive with the help of your IT team. A good rule of thumb is to backup your website once per week.
3. Use two-factor authentication for logging in to your accounts.
Instead of just asking for a login and a password (which is one-factor authentication), change your website to require the need for two steps of information, such as a code send to a smartphone. The idea here is having layers of security in place to help keep you more protected.
4. Keep your passwords different and difficult.
This is highly recommended for personal use, but it’s an easy tip that can help keep a franchise secure as well. Always make sure all of your passwords are different, and make them incredibly unique and difficult to crack. This means using upper and lower case letters, special characters, and keep the length long.
5. Switch to a secure HTTPS server.
You can always tell whether or not a website is secure based on the URL. Any HTTPS site means it is using something called a Secure Sockets Layer (SSL). The HTTP therefore means that a website is not secure. An HTTPS site will send information across the web that is encrypted, whereas an HTTP site sends information in plain text, which is easier to read and find for people trying to steal information. You can learn more about how to make the switch and how it will actually boost your SEO on our website.
6. Extra Tip: Make sure cyber security isn’t only in place at your head office.
You have to make sure that you have a comprehensive program in place for all of your franchise locations. This is the main reason that attackers sometimes find new franchise companies more vulnerable and an easier target. Talk with your IT team to make sure that your software and back-up plans are working for all of your webpages and all different locations (if they have their own website, social accounts, logins, etc.).
Adam Heitzman is the Co-Founder and Managing Partner at HigherVisiblity, a nationally recognised SEO firm that offers a full range of internet marketing services.
For more information visit: